It’s not strictly about automating API requests. He was also using Facebook’s trademarks (easy target for valid C&D requests). He was also using the plugin to collect data from users, including some very detailed data for a subset that opted in to a study. Facebook doesn’t take kindly to people making extensions that use their trademarks and collect user data, no matter how trivial.
Seems like the only potentially legally valid part of it. And even then, if he's not misrepresenting his product as made by Facebook (just "compatible with Facebook" or "use while you're on Facebook") I think it's still a stretch. Can a cottage industry survive without ever being allowed to even name the companion products for which the extension is designed?
To my understanding, the original purpose of trademarks was to protect the buyer. If I buy a bicycle listed as being from X, I can expect that it was manufactured by X, or at the very least endorsed by X (e.g. Kirkland products). If a different manufacturer Y labels their product as X, then I no longer have that certainty.
But corporations have taken that and gone way too far on it. If I describe a product as being "compatible with X" or "fits on an X", that in no way makes a claim that it is manufactured by X. Like how tv manufacturers should be able to say "Perfect for watching the Super Bowl this weekend.", but avoid doing so for fear of being sued. There's no endorsement at all there, nor any dilution of the trademark, and yet it gets treated as though the words themselves are protected.
I believe it is an implicit "you make them look shoddy" if your product doesn't work after they change something. Self-produced ones at least they can check for backward compatibility but they have no way of guaranteeing any of their changes would break any fly-by-night or obscure adaptors.
Rather overkill in practice for a legal doctrine. But I can see their concern, and why a company would dislike it over the sheer tech support call volume alone. Their first response being "stop it!" makes sense in that light.
Open standards are a good way to prevent issues while keeping both sides happy (notably it also keeps company names out of it except in deniablenways such as say listing GMail as an example of a POP3 user - it doesn't equate the two). Open standards aren't automatic or free though and there may easily be gaps because they never thought to specify a given portion for interoperability.
There's a distinct difference between using a trademarked term descriptively vs. in trade. The phrase "for Facebook" is clearly the former.
I'll note that on the Mozilla Firefox Extensions site, there are presently 1,305 results for the term "Facebook", the first of which ... is from Mozilla itself, "Facebook Container", by Mozilla Firefox.
The Facebook Container page doesn't even include the usual trademark-infringement-bane I was going to suggest, "'Facebook' is a trademark of Facebook, Inc. Any and all other trademarks are properties of their respective owners."
Google Play's store doesn't provide the helpful results counts Mozilla's does (perhaps Mozilla could provide Google assistance with online search technology), but does reveal a wealth of third-party entries referencing Facebook.
> A copy of each and every version of any software code You have developed or used to interact with the Facebook websites and/or services, including any libraries, frameworks, ...
Couldn't one maliciously comply with this particular order? Especially 'used to interact with', which could be interpreted as 'used in the process of development to interact with'. I feel like if I were them, I would in this case send a whole copy of the Linux source code (seeing my PC runs it); Chromium (to 'interact' with Facebook); WebKit (or similar browser-side dependencies that your extension somehow interacts with) etc. Not forgetting to send every version of the aforementioned software!
Might be bending the rules just a bit (/s), but hey, at least I'm on the safe side by including absolutely everything!
IANAL. You probably know this already, but C&D's are not legal documents - just scare tactics. The result from ignoring it for >48hrs would simply be Facebook escalating... if they decided to.
I have worked for places that have completely ignored C&D's with no repercussions.
That being said, Facebook can use this down the road as an example of them providing ample warning and notice to the developer – which, yes, is something that a judge would consider. There just aren't, say, specific legal outcomes to ignoring this C&D's (totally arbitrary) timeframe.
It’s not strictly about automating API requests. He was also using Facebook’s trademarks (easy target for valid C&D requests). He was also using the plugin to collect data from users, including some very detailed data for a subset that opted in to a study. Facebook doesn’t take kindly to people making extensions that use their trademarks and collect user data, no matter how trivial.